[f8d632ac] | 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
| 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
|
---|
| 3 | "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
|
---|
| 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 | ]>
|
---|
| 7 |
|
---|
[9a67723] | 8 | <sect1 id="postlfs-config-skel">
|
---|
[a0f03b0] | 9 | <sect1info>
|
---|
[5cd0959d] | 10 | <othername>$LastChangedBy$</othername>
|
---|
| 11 | <date>$Date$</date>
|
---|
[a0f03b0] | 12 | </sect1info>
|
---|
[bae6e15] | 13 | <?dbhtml filename="skel.html"?>
|
---|
[cfc2a54] | 14 | <title>Configuring for Adding Users</title>
|
---|
[9a67723] | 15 |
|
---|
[9ed94cb] | 16 | <para>Together, the <command>/usr/sbin/useradd</command> command and
|
---|
[8604d92f] | 17 | <filename class="directory">/etc/skel</filename> directory (both are easy to setup and use)
|
---|
[78b3cd61] | 18 | provide a way to assure new users are added on your <acronym>LFS</acronym>
|
---|
| 19 | system with the same beginning settings for things like <envar>PATH</envar>,
|
---|
| 20 | keyboard processing and environmental variables. Using these two facilities
|
---|
| 21 | makes it easier to assure this initial state for each new user.</para>
|
---|
| 22 |
|
---|
[8604d92f] | 23 | <para>The <filename class="directory">/etc/skel</filename> directory holds copies of various
|
---|
[cfc2a54] | 24 | initialization and other files that may be copied to the new user's home
|
---|
[78b3cd61] | 25 | directory when the <command>/usr/sbin/useradd</command> program adds the new
|
---|
| 26 | user.</para>
|
---|
[7346f16] | 27 |
|
---|
[0a2ca755] | 28 | <para><emphasis>Useradd</emphasis></para>
|
---|
[7346f16] | 29 |
|
---|
[9ed94cb] | 30 | <para>The <command>useradd</command> program uses a collection of
|
---|
[cfc2a54] | 31 | default values kept in <filename>/etc/default/useradd</filename>,
|
---|
| 32 | if it exists. If the file does not exist, then it uses some internal
|
---|
[78b3cd61] | 33 | defaults. You can see the default values by running <command>/usr/sbin/useradd
|
---|
| 34 | -D</command>.</para>
|
---|
[7346f16] | 35 |
|
---|
[78b3cd61] | 36 | <para>To change these values to something new, create a base <filename>
|
---|
| 37 | /etc/default/useradd</filename> file with the same values as the output of
|
---|
| 38 | <command>/usr/sbin/useradd -D</command>. Here is a sample.</para>
|
---|
[7346f16] | 39 |
|
---|
[9ed94cb] | 40 | <screen># Begin /etc/default/useradd
|
---|
[7346f16] | 41 |
|
---|
| 42 | GROUP=100
|
---|
| 43 | HOME=/home
|
---|
| 44 | INACTIVE=-1
|
---|
| 45 | EXPIRE=
|
---|
| 46 | SHELL=
|
---|
| 47 | SKEL=/etc/skel
|
---|
| 48 |
|
---|
[9ed94cb] | 49 | # End /etc/default/useradd</screen>
|
---|
[7346f16] | 50 |
|
---|
| 51 | <para>The only thing missing from the file is a default shell. Add that
|
---|
| 52 | by running:</para>
|
---|
| 53 |
|
---|
[9ed94cb] | 54 | <screen><userinput><command>/usr/sbin/useradd -D -s/bin/bash</command></userinput></screen>
|
---|
[7346f16] | 55 |
|
---|
[78b3cd61] | 56 | <para>This will set the <envar>SHELL</envar>= line to
|
---|
[9ed94cb] | 57 | <envar>SHELL</envar>=/bin/bash.</para>
|
---|
[cfc2a54] | 58 |
|
---|
[9ed94cb] | 59 | <para><command>Useradd</command> has many parameters that
|
---|
[78b3cd61] | 60 | can be set in the <filename>/etc/default/useradd</filename> file.</para>
|
---|
[cfc2a54] | 61 |
|
---|
[9ed94cb] | 62 | <para>For more information see <command>man useradd</command>.</para>
|
---|
[cfc2a54] | 63 |
|
---|
[9dd9c5c] | 64 | <para><emphasis>/etc/skel</emphasis></para>
|
---|
[cfc2a54] | 65 |
|
---|
[1ea79a1] | 66 | <para>To get started, create an <filename class="directory">/etc/skel</filename> directory
|
---|
[cfc2a54] | 67 | and make sure it is writable only by the system administrator, usually
|
---|
| 68 | root. Creating the directory as root is the best way to go.</para>
|
---|
| 69 |
|
---|
| 70 | <para>The mode of any files from this part of the book that you put in
|
---|
[8604d92f] | 71 | <filename class="directory">/etc/skel</filename> should be writable only by the owner.
|
---|
[cfc2a54] | 72 | Also, since there is no telling what kind of sensitive information a
|
---|
| 73 | user may eventually place in their copy of these files, you should
|
---|
| 74 | make them unreadable by "group" and "other".</para>
|
---|
| 75 |
|
---|
[8604d92f] | 76 | <para>You can also put other files in <filename class="directory">/etc/skel</filename> and
|
---|
[78b3cd61] | 77 | different permissions may be needed for them.</para>
|
---|
[cfc2a54] | 78 |
|
---|
[78b3cd61] | 79 | <para>Decide which initialization files should be provided in every (or most)
|
---|
[cfc2a54] | 80 | new user's home directory. The decisions you make will affect what you
|
---|
[65e7508] | 81 | do in the next two sections, <xref linkend="postlfs-config-profile"/> and
|
---|
[78b3cd61] | 82 | <xref linkend="postlfs-config-vimrc"/>. Some or all of those files will be
|
---|
[cfc2a54] | 83 | useful for root, any already-existing users, and new users.</para>
|
---|
| 84 |
|
---|
| 85 | <para>The files from those sections that you might want to place in
|
---|
[8604d92f] | 86 | <filename class="directory">/etc/skel</filename> include
|
---|
[cfc2a54] | 87 | <filename>.inputrc</filename>, <filename>.bash_profile</filename>,
|
---|
| 88 | <filename>.bashrc</filename>, <filename>.bash_logout</filename>,
|
---|
| 89 | <filename>.dircolors</filename>, and <filename>.vimrc</filename>. If
|
---|
| 90 | you are unsure which of these should be placed there, just continue to
|
---|
| 91 | the following sections, read each section and any references provided,
|
---|
| 92 | and then make your decision.</para>
|
---|
| 93 |
|
---|
| 94 | <para>You will run a slightly modified set of commands for files which
|
---|
[8604d92f] | 95 | are placed in <filename class="directory">/etc/skel</filename>. Each section will remind
|
---|
[cfc2a54] | 96 | you of this. In brief, the book's commands have been written for files
|
---|
[8604d92f] | 97 | <emphasis>not</emphasis> added to <filename class="directory">/etc/skel</filename> and
|
---|
[cfc2a54] | 98 | just send the results to the user's home directory. If the file is going
|
---|
[8604d92f] | 99 | to be in <filename class="directory">/etc/skel</filename>, change the book's command(s) to
|
---|
[cfc2a54] | 100 | send output there instead and then just copy the file from
|
---|
[8604d92f] | 101 | <filename class="directory">/etc/skel</filename> to the appropriate directories, like
|
---|
[666f6de] | 102 | <filename class="directory">/etc</filename>, <filename class="directory">~</filename> or the home directory
|
---|
[cfc2a54] | 103 | of any other user already in the system.</para>
|
---|
| 104 |
|
---|
[78b3cd61] | 105 | <para><emphasis>When Adding a User</emphasis></para>
|
---|
[cfc2a54] | 106 |
|
---|
[1ea79a1] | 107 | <para>When adding a new user with <command>useradd</command>, use
|
---|
[3df86b66] | 108 | the <option>-m</option> parameter, which tells
|
---|
[78b3cd61] | 109 | <command>useradd</command> to create the user's home directory and
|
---|
[8604d92f] | 110 | copy files from <filename class="directory">/etc/skel</filename> (can be overridden) to
|
---|
[cfc2a54] | 111 | the new user's home directory. For example:</para>
|
---|
| 112 |
|
---|
[75e5028] | 113 | <screen><command>useradd -m jwrober</command></screen>
|
---|
[9a67723] | 114 |
|
---|
| 115 | </sect1>
|
---|